When you get the alert, have you really checked the “Remember” box? If so, when you edit the rule(s) in the Application Monitor, have you set the “Destination IP” and “Destination Port” to “Any”? There shouldn’t be any problems to completely block an application.
In Security/Tasks, there is an option (as I recall) to Define an Untrusted Application. This should automatically create the blocking rule. Just be sure to remove any existing rules for it first to make sure there are no conflicts.
I’m sorry you’re having such an issue with this. Will you kindly capture a screenshot of the entire alert for this application, and post for us? That may reveal some information we’re missing, and help resolve the problem.
I think that TortoiseSVN could be a reason. If I copy the app outside of the repository CPF blocks it correctly.
And a similar question:
How to skip checking changes of cryptographic signature and deny invisible connections?
How to skip checking changes for programs that I made, just block once and forever. (disturbs when debugging)
You may be stuck in the “developer’s loop” Gluk, I am sorry to say. If Ringis.exe is an application you are working on and making changes to, no Block rule is going to help you. CFP will prompt each and every time, because by the signature changing, it is no longer the same application.
For the regular user, this is not a problem when a program updates. For someone who is programming/debugging an application, it is very problematic. There is no work-around for it at present, although it is a known issue with 2.4. I’m not sure if v3 addresses the issue or not.
If ringis.exe is not something you’re working on, I would suggest to Edit that application rule and remove the “Ask” about invisible connections. Also, set the Parent to “Learn” instead of “Skip.”